101 Comments
- joolz, on 10/12/2007, -11/+24: pdf, thanks for the heads up.
- inactive, on 10/12/2007, -2/+14: I had to mark this as inaccurate. The "insecurity" (according to the introduction) is that someone who gets access to the state of the random number generator can figure out previous outputs. But if someone has access to the state of your random number generator, you'd better be prepared to get completely ***** up anyway. If this is the only "insecurity," I don't think it's much of a problem. From having read about a third of the paper, the authors' tone seems to indicate a negative bias towards Linux.
- blackmath, on 10/12/2007, -1/+12: I think there's special hardware to create random numbers based on radioactive decay.
http://www.fourmilab.ch/hotbits/how.html
- ericpp, on 10/12/2007, -0/+11: SGI used to create random numbers by pointing a camera at a lava lamp:
http://www.hackaday.com/entry/1234000163045630/
http://www.lavarnd.org/index.html
- merreborn, on 10/12/2007, -4/+14: "Windows for Workgroups 3.1 is the safest in my mind"
Bah! My abacus is infinitely more secure!
- gfw123, on 10/12/2007, -5/+15: I demand rigidly defined areas of doubt and uncertainty!
- chicken101, on 10/12/2007, -5/+13: IMHO we are not retards, and thanks for making a broad sweeping statement like that.
- alexandreracine, on 10/12/2007, -4/+12: You could compare if you want to...
http://secunia.com/product/22/ (WinXP)
http://secunia.com/product/4670/ (Red Hat Enterprise 4)
http://secunia.com/product/1343/ (RH9)
http://secunia.com/product/2719/ (Linux kernel 2.6)
http://secunia.com/product/763/ (Linux kernel 2.4)
- inactive, on 10/12/2007, -2/+10: Did you even look at the paper? The "insecurity" isn't in the quality of the numbers generated; it is that if you get access to the state of the generator you can figure out previous outputs.
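A toy illustration of the state-compromise attack inactive is describing, added here as an example and not code from the paper, from the Linux kernel or from anyone in this thread: a generator whose state update is invertible lets whoever captures the state walk it backwards and recover earlier outputs, whereas a one-way (hash-based) update only exposes outputs produced after the capture, and only until fresh entropy is mixed in. The two generators, their constants and the SHA-256 construction are this example's own assumptions; the real LRNG is not a linear congruential generator.

```python
import hashlib

# Toy linear congruential generator (constructed for this example).
# The state transition s -> (A*s + C) mod M is a bijection on [0, M),
# so anyone holding the current state can run it backwards.
M = 2 ** 31
A = 1103515245   # odd, hence invertible modulo a power of two
C = 12345


class ReversibleGenerator:
    def __init__(self, seed: int) -> None:
        self.state = seed % M

    def next_output(self) -> int:
        self.state = (A * self.state + C) % M
        return self.state >> 16          # output is derived from the new state


def backtrack(state: int, n: int) -> list:
    """Given a captured state, recover the last n outputs (oldest first)."""
    a_inv = pow(A, -1, M)
    outputs = []
    for _ in range(n):
        outputs.append(state >> 16)          # output emitted when state reached this value
        state = ((state - C) * a_inv) % M    # step the bijection backwards
    return outputs[::-1]


# A one-way design: state only ever advances through SHA-256, so finding
# the previous state is a preimage problem rather than a modular inverse.
class OneWayGenerator:
    def __init__(self, seed: bytes) -> None:
        self.state = hashlib.sha256(b"init" + seed).digest()

    def mix(self, event: bytes) -> None:
        """Fold an entropy event (interrupt timing, etc.) into the state."""
        self.state = hashlib.sha256(b"mix" + self.state + event).digest()

    def next_output(self) -> bytes:
        out = hashlib.sha256(b"out" + self.state).digest()
        self.state = hashlib.sha256(b"step" + self.state).digest()
        return out


def predict_forward(state: bytes, n: int) -> list:
    """All an attacker holding a captured one-way state can do: run it forward."""
    g = OneWayGenerator(b"")
    g.state = state
    return [g.next_output() for _ in range(n)]


def demo() -> dict:
    # 1. Reversible generator: capturing the state leaks every earlier output.
    lcg = ReversibleGenerator(seed=0xC0FFEE)
    past = [lcg.next_output() for _ in range(5)]
    captured = lcg.state
    recovered = backtrack(captured, 5)

    # 2. One-way generator: a captured state predicts future outputs only
    #    until unknown entropy is mixed in, and says nothing about the past.
    pool = OneWayGenerator(b"constructed seed")
    pool.next_output()                    # produced before the compromise; not recoverable
    snapshot = pool.state
    guesses = predict_forward(snapshot, 3)
    actual = [pool.next_output() for _ in range(2)]
    pool.mix(b"interrupt timing the attacker did not see")
    actual.append(pool.next_output())

    return {
        "lcg_past_recovered": recovered == past,
        "hash_predicted_before_reseed": guesses[:2] == actual[:2],
        "hash_predicted_after_reseed": guesses[2] == actual[2],
    }


if __name__ == "__main__":
    print(demo())
```

The point the paper makes is the first case: if the pool's state can be read (a root compromise, a cold-boot image, a swapped-out page) and the state update is not one-way, every value the generator handed out earlier, including keys already in use, falls with it. The second generator shows the property a design wants instead: forward prediction is unavoidable until the next reseed, but the past stays out of reach.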
- SP33DFR34K, on 10/12/2007, -3/+11: I got some parts of it, but the majority of it just went over my head.
But really, if you take any intro to programming class, they will teach you that there is no such thing as a random number. There is no way a computer can randomly generate a number. Instead, it's a pseudo-random number (seems so random, but really isn't). A computer is only as smart as the user programming it. There is a set of algorithms (instructions) used to determine the pseudo-random number. So weak algorithm == weak pseudo-random number.
Look at Ron Harris: he was able to determine the outcome of the next number. For those who don't know who Ron Harris is, he was able to determine the outcome of the next numbers for Keno based on the previous numbers.
Just keep in mind that a computer cannot generate a random number; that in itself is a flaw. A Linux flaw? Maybe. It all depends on the implementation of the pseudo-random number generator.
- Barlo_Mung, on 10/12/2007, -2/+10: Let me guess, it only seems to spit out the number nine?
- Bogtha, on 10/12/2007, -2/+10: > it should read "... is unsecure"
"Insecure" is the correct word to use to describe something that is not secure. Lacking self-confidence is only one meaning of the word "insecure"; it is not the only one.
http://www.answers.com/insecure
"2. Inadequately guarded or protected; unsafe: A shortage of military police made the air base insecure."
- Atomic1fire, on 10/12/2007, -1/+8: Agreed, no OS is perfect, not even Linux.
- merreborn, on 10/12/2007, -0/+7: Having a secure random number generator is critical to security.
Having a well documented random number generator is critical to ensuring your RNG is secure.
As the article points out, the current state of the RNG docs led to a flaw being present in it for SEVENTEEN MONTHS. This would not occur in a well documented RNG.
- Bogtha, on 10/12/2007, -1/+8: Please bear in mind the difference between measuring and generating. Computers with external sensors pointed at radioactive material or lava lamps aren't generating the random numbers; they are deriving them from an external source.
There is no way a computation can arrive at a truly random number all by itself; the best it can do is a sequence of numbers in which it is extremely difficult for an external entity to predict the next one, a.k.a. "pseudo-random" numbers.
- inactive, on 10/12/2007, -2/+9: It doesn't work that way. I actually wrote Theodore Ts'o about this a while back because I wanted to know about that very situation, and to make a long story short, you're full of *****. Not to mention that this state is constantly being updated in unpredictable ways (keyboard input, mouse input, hard drive accesses, interrupts, network activity, etc.). Don't state your speculation as fact.
- bsoric, on 10/12/2007, -2/+8: How would you be able to tell it's not random, though?
That's the problem with randomness...
- RandomPrecision, on 10/12/2007, -6/+12: A flaw in a Linux program? Oh well, patch in 3..2..1..
- merreborn, on 10/12/2007, -1/+7: A flaw is a flaw.
It's worth noting that the RNG is used in many encryption schemes; as such, any flaw in the RNG potentially compromises said encryption as well.
Lastly, an attacker with access to your RNG still can't get at encrypted data, unless the RNG is flawed.
- wormeyman, on 10/12/2007, -1/+7:
/********************
*Change pdf links so that it displays (pdf) after the link - applied to all sites.
********************/
a[href$=pdf]:after { content: " (pdf)" }
To be warned in the future when it's a pdf link, put that in your user stylesheet, such as the usercontent.css for Firefox.
- dhughes, on 10/12/2007, -5/+10: Maybe he should say "lack of documentation" a couple of thousand more times; half the article is him saying that.
There's a small error in the Linux random number generator (RNG) code and he goes off on a tangent complaining about Open Source software and RNGs.
He is right that you can never get truly randomly generated numbers without expensive equipment, such as a decaying (radioactive) element used to determine the numbers. As far as I know that's not very common. But even then, how do you make a number that could be zero, or a positive or negative infinite number??
- BIllyBobFett, on 10/12/2007, -4/+9: "I saw the word Israel. I must spout my political opinion to anyone who will listen, regardless of the topic of the article."
- gxti, on 10/12/2007, -5/+10: I'd just like to know why you want to see it taken down a peg. If you're just tired of the zealotry, I can understand.
- bribera, on 10/12/2007, -2/+7: ... it says "A recent paper (___pdf___)", which constitutes a warning to me.
- Simkin, on 10/12/2007, -0/+5: Sounds more like this is something to address to make Linux even more secure. But it does not appear to be insecure in comparison to other systems available!
The problems also seem to be more in regards to computers without a hard disk or running off a CD-ROM drive. Seeing that these generally start up without a password anyhow, I don't think anyone expected them to be secure in the first place!
Please note his conclusions also: "Open source benefits security by enabling security audits, and enabling easy changes to the code. It is rather easy to add patches to the current LRNG code in order to prevent the attacks we described in this paper (this would have been much harder, if at all possible, for closed source PRNGs)."
Nothing to worry about here. But it's nice to know someone spent a lot of time to further improve Linux.
- seventoes, on 10/12/2007, -2/+7: Man, I hope some people learn how to use the (kinda) threading feature on Digg...
- eklitzke, on 10/12/2007, -0/+5: Just to clarify, there are two random number generators: /dev/random and /dev/urandom. /dev/urandom is the fast and insecure RNG, and /dev/random is the "secure" and slow RNG. The authors are saying that /dev/random is also vulnerable to attack.
- jasqwerty, on 10/12/2007, -6/+10: Um, fanboy, take your head out of your ass. He says it twice. Once in his summary, once in his background. This specific RNG fails because it is vulnerable to a state attack, which other RNGs aren't.
- kjland, on 10/12/2007, -0/+4: Ahh... reminds me of back in the day when we "proved" to the teacher that the "random number" generator on Apple IIs was not random. We turned on several at the exact same moment and showed that if we generated a random number on each at the exact same time, we would get the exact same random number.
- inactive, on 10/12/2007, -1/+4: Research takes time.
- biffbobfred, on 10/12/2007, -1/+4: In general they gather entropy from physical sources. Any driver can be a source of entropy. Keyboard and network are actually frowned upon as a source... they can be influenced by a cracker. Interrupt timings are a good source.
- skidzilla, on 10/12/2007, -0/+3: This paper went right over my head. But surely if they are intelligent enough to identify a problem as complex as this, they can simply write a kernel patch and submit it? Or does the whole LRNG need a rewrite?
- tylerl, on 10/12/2007, -3/+5: Inaccurate. Alarmist. FUD. Inexcusable self-promotion.
The gist of the article is that the builtin Linux random number generator is too predictable to use in cryptography. This is old news, and true for all major operating systems. The RNG provided by the OS is NOT DESIGNED TO BE USED IN CRYPTOGRAPHY. The builtin RNG is strictly designed for general utility purposes; that is, it's optimized to provide the most uniform distribution of results with the least resource consumption, rather than be unpredictable to attackers.
Cryptography-grade RNGs are a totally separate product, always independent of the OS. If you know enough about cryptography to understand that you need a secure RNG, then you also know that the OS never provides that RNG. That's why products like OpenSSL come with their own random number generators.
These researchers most certainly know better. The fact that they published this paper is inexcusable. They're just trying to make a name for themselves at the public's expense.
No Digg.
- scheper, on 10/12/2007, -1/+3: The default Linux random number generator has always been flagged as insecure and should be used only for unimportant programs such as games. There are many better and more secure random number generators out for Linux (and Windows), but if you're doing important projects that rely on random numbers for security, you should really know which generators to use.
- merreborn, on 10/12/2007, -2/+4: Read the article. The researchers were well aware of that fact. They explain it with great clarity.
- aroedl, on 10/12/2007, -0/+2: We have had random number generators in software for years. How do you find a truly random number in software? How do you decide that the number you chose is random? You need an external source. It doesn't have anything to do with the operating system. Especially not with Linux. I wouldn't even trust the motherboards with integrated RNG hardware. How do you know?
Ever tried GPG/PGP? You are asked for random keyboard input. It all depends on the frequency of your key-presses. That _might_ be random...
- Bogtha, on 10/12/2007, -0/+2: > If it only spit out the number nine, you're not going to get a flat probability curve, which is what a random function should give you.
A random function should give you a flat probability curve when run for an infinite amount of time. Obviously, this is impossible to determine, meaning that you cannot test a random function's quality simply by analysing a finite amount of output.
A truly random function is perfectly capable of spitting out nothing but the number nine for years. If it was incapable of doing so, then it wouldn't be random, would it?
- yahoofrom, on 10/12/2007, -0/+2: We need a three line summary here.
- nailbunny, on 10/12/2007, -0/+2: sgtpinky
how are you posting?
- MarkByers, on 10/12/2007, -0/+2: Yep, I agree. The zealots suck, from all OSs. People should look at the facts instead of just randomly bashing things every time a story comes out. Can't we all just get on?
- harmlessinc, on 10/12/2007, -1/+2: "If there was an exploit they would have sold it, not talked about it, therefore it seems there is no exploitable weakness in the current Linux random number generator."
Look into the concept of full disclosure; not everyone is in it for profit alone.
- DickBreath, on 10/12/2007, -0/+1: I think hackers of all sizes would be equally capable of targeting Windows for Workgroups.
- inactive, on 10/12/2007, -0/+1: Maybe you missed what he said. He said that radioactive decay was absolutely random, and other stuff was effectively random unless you were God or had 10 billion years. Apparently, he doesn't think God could predict radioactive decay (should there be a God around to do so).
- geekee, on 10/12/2007, -1/+2: What would be better is a real random number generator in hardware based on thermal noise or something like that.
- allenu, on 10/12/2007, -2/+3: Er, do statistical analysis, of course. If it only spit out the number nine, you're not going to get a flat probability curve, which is what a random function should give you.
- mancat, on 10/12/2007, -0/+1: This is becoming less and less of an issue, as most modern motherboard chipsets provide a hardware-based random number generator that can be used in place of software RNGs.
- strcmp, on 10/12/2007, -1/+2: Why do people get so upset over PDF files?
- Jams, on 10/12/2007, -0/+1: Because I didn't read the headline/article properly and made a stupid comment. So I went back and edited the comment.
- inactive, on 10/12/2007, -0/+1: How do you know that a God would have to deal with that? Although Heisenberg's Uncertainty Principle would prevent us from being able to obtain arbitrary information to start with. Is it known that it would cut us off before we could get enough information for this case, though?
- The_Decryptor, on 10/12/2007, -1/+2: "I don't see why he had to put the word Israel in the title in the first place."
Because they were from Israel?